Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/a7cdbf-da8e-4d43-bdc7-1c6ee44e11ad/1/aIMuvpP42ax6sgIMzmGy-W83PWI.roa
File: aIMuvpP42ax6sgIMzmGy-W83PWI.roa (raw, json)
Hash identifier: ppGHjGPARjug8vyJU4az+YQQLcd3Q+2olrVCXHQaJT8=
Subject key identifier: 68:83:2E:BE:93:F8:D9:AC:7A:B2:02:0C:CE:61:B2:F9:6F:37:3D:62
Certificate issuer: /CN=27c8b427c313598a92e8d8ec60e2950da39fc2c9
Certificate serial: 0196E8B0E9D80C951174767BF02F8D8CE125
Authority key identifier: 27:C8:B4:27:C3:13:59:8A:92:E8:D8:EC:60:E2:95:0D:A3:9F:C2:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J8i0J8MTWYqS6NjsYOKVDaOfwsk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/a7cdbf-da8e-4d43-bdc7-1c6ee44e11ad/1/aIMuvpP42ax6sgIMzmGy-W83PWI.roa
Signing time: Mon 19 May 2025 13:17:10 +0000
ROA not before: Mon 19 May 2025 13:17:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 91.102.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 May 2025 18:44:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e8:b0:e9:d8:0c:95:11:74:76:7b:f0:2f:8d:8c:e1:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27c8b427c313598a92e8d8ec60e2950da39fc2c9
Validity
Not Before: May 19 13:17:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68832ebe93f8d9ac7ab2020cce61b2f96f373d62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:5e:52:fc:e4:cc:4b:da:66:0d:6a:31:78:59:
27:7f:bd:24:f3:ee:d0:f6:4d:3d:5a:78:fa:61:16:
b0:ab:bb:e0:28:5f:b8:9a:43:6a:54:b0:ef:be:b8:
49:62:7d:88:52:ed:29:1a:76:65:93:44:38:90:21:
c5:96:ab:46:ef:a8:d5:b0:69:8c:89:c8:f2:1e:99:
7c:30:7f:46:24:b3:44:57:d2:9f:8c:e4:45:21:c9:
f3:a9:b5:5c:7d:61:0c:d9:8e:c5:c4:51:4b:29:01:
6b:22:b0:69:60:e0:b2:d1:85:71:0a:1c:fb:c4:ea:
fe:3a:87:f7:df:4b:ea:f5:73:30:9a:01:87:46:b6:
d6:4b:7b:0c:82:1d:8e:a5:29:82:78:8f:3b:ca:fb:
74:28:1d:98:3e:14:6d:1f:50:d3:30:72:54:e4:1a:
c3:3f:08:2c:da:4f:c1:3e:d0:de:79:98:19:11:24:
8c:9b:2f:42:99:f8:14:ae:ab:ad:48:bd:45:e2:64:
3c:54:ca:bb:3a:04:af:bb:b3:74:cc:d1:18:7f:d9:
be:95:83:0d:64:8a:40:98:78:f8:14:6f:bd:3f:9e:
50:a7:f4:c6:7c:be:94:93:fa:04:02:a8:57:d2:c8:
61:fa:ee:b8:e5:89:6a:3f:bd:19:41:53:3c:e1:05:
89:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:83:2E:BE:93:F8:D9:AC:7A:B2:02:0C:CE:61:B2:F9:6F:37:3D:62
X509v3 Authority Key Identifier:
keyid:27:C8:B4:27:C3:13:59:8A:92:E8:D8:EC:60:E2:95:0D:A3:9F:C2:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J8i0J8MTWYqS6NjsYOKVDaOfwsk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/a7cdbf-da8e-4d43-bdc7-1c6ee44e11ad/1/aIMuvpP42ax6sgIMzmGy-W83PWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/a7cdbf-da8e-4d43-bdc7-1c6ee44e11ad/1/J8i0J8MTWYqS6NjsYOKVDaOfwsk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.102.167.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:7a:44:17:d5:74:2d:a2:b6:4e:52:bf:1a:a9:f9:43:b5:23:
b6:2d:30:bb:97:95:92:47:7f:21:b1:18:c5:2f:01:59:56:1d:
c2:24:39:e2:5c:c4:cf:ee:45:ee:b8:d1:1b:f6:c2:46:c3:53:
82:e2:54:0f:8a:09:00:ab:4c:98:29:e3:ab:2b:3a:d4:eb:20:
d7:85:f3:ff:4a:2b:f5:75:b9:39:52:7a:95:75:d8:88:95:b5:
45:ba:ce:37:c3:19:17:48:75:f7:e7:e5:a1:4a:92:1a:89:76:
aa:a9:1f:eb:99:1f:03:ec:b8:bc:0e:76:e1:51:c7:40:10:97:
cb:c2:c5:cc:5f:23:e8:0b:65:80:ad:d3:84:e0:25:72:50:36:
28:fa:8e:5f:0b:6b:7c:87:85:05:d7:a2:53:92:ef:ce:ff:aa:
b7:23:dd:bc:7a:0f:73:37:18:e7:e0:c6:61:6e:a7:7c:ef:3f:
75:71:71:61:ed:37:77:e2:fe:ac:c5:46:db:06:af:5c:e9:cc:
bf:ec:30:cf:9b:d3:5d:e3:a5:65:39:15:8c:bd:20:80:bc:b5:
00:c4:e0:7a:f1:ae:f5:79:1b:e8:a0:1c:37:0d:7e:82:17:9a:
f2:b0:64:88:6d:8f:75:e0:d8:a0:ad:e0:0b:00:0b:7f:cd:b2:
d5:be:f2:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZbosOnYDJURdHZ78C+NjOElMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YzhiNDI3YzMxMzU5OGE5MmU4ZDhlYzYwZTI5NTBkYTM5
ZmMyYzkwHhcNMjUwNTE5MTMxNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODgzMmViZTkzZjhkOWFjN2FiMjAyMGNjZTYxYjJmOTZmMzczZDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAml5S/OTMS9pmDWoxeFknf70k8+7Q
9k09Wnj6YRawq7vgKF+4mkNqVLDvvrhJYn2IUu0pGnZlk0Q4kCHFlqtG76jVsGmM
icjyHpl8MH9GJLNEV9KfjORFIcnzqbVcfWEM2Y7FxFFLKQFrIrBpYOCy0YVxChz7
xOr+Oof330vq9XMwmgGHRrbWS3sMgh2OpSmCeI87yvt0KB2YPhRtH1DTMHJU5BrD
Pwgs2k/BPtDeeZgZESSMmy9CmfgUrqutSL1F4mQ8VMq7OgSvu7N0zNEYf9m+lYMN
ZIpAmHj4FG+9P55Qp/TGfL6Uk/oEAqhX0shh+u645YlqP70ZQVM84QWJSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGiDLr6T+NmserICDM5hsvlvNz1iMB8GA1UdIwQY
MBaAFCfItCfDE1mKkujY7GDilQ2jn8LJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjhpMEo4TVRXWXFTNk5qc1lPS1ZEYU9md3NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9hN2NkYmYtZGE4ZS00ZDQzLWJkYzct
MWM2ZWU0NGUxMWFkLzEvYUlNdXZwUDQyYXg2c2dJTXptR3ktVzgzUFdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS9hN2NkYmYtZGE4ZS00ZDQzLWJkYzctMWM2ZWU0NGUxMWFk
LzEvSjhpMEo4TVRXWXFTNk5qc1lPS1ZEYU9md3NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW2anMA0G
CSqGSIb3DQEBCwUAA4IBAQA7ekQX1XQtorZOUr8aqflDtSO2LTC7l5WSR38hsRjF
LwFZVh3CJDniXMTP7kXuuNEb9sJGw1OC4lQPigkAq0yYKeOrKzrU6yDXhfP/Siv1
dbk5UnqVddiIlbVFus43wxkXSHX35+WhSpIaiXaqqR/rmR8D7Li8DnbhUcdAEJfL
wsXMXyPoC2WArdOE4CVyUDYo+o5fC2t8h4UF16JTku/O/6q3I928eg9zNxjn4MZh
bqd87z91cXFh7Td34v6sxUbbBq9c6cy/7DDPm9Nd46VlORWMvSCAvLUAxOB68a71
eRvooBw3DX6CF5rysGSIbY914NigreALAAt/zbLVvvK7
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:03:16 2025 by rpki-client